summaryrefslogtreecommitdiffstats
path: root/usr/local/www/vpn_ipsec_phase2.php
Commit message (Collapse)AuthorAgeFilesLines
* Change copyright statement to reflect realityJim Thompson2014-11-101-1/+2
|
* remove unnecessary is_array check, thanks RenatoChris Buechler2014-11-061-37/+35
|
* Don't allow P2 local+remote network combinations that overlap withChris Buechler2014-11-061-0/+44
| | | | interface+remote-gateway of the P1. Fixes #3812
* Add missing s to solve the issue reported on ↵Ermal2014-08-201-1/+1
| | | | https://forum.pfsense.org/index.php?topic=80722.new#new
* Allow HASH algorithms to be empty for phase2 in case the encryption one is ↵Ermal2014-08-181-3/+16
| | | | AES-GCM
* Use a uniqid() to track phase2 entries to avoid confustion and various ↵Ermal2014-08-011-73/+60
| | | | mistakes when modifying and editing them.
* This is not true any longer (and required for L2TP+IPsec)jim-p2014-05-201-2/+0
|
* Tidy up "vpn_ipsec_phase2.php" XHTMLColin Fleming2014-05-081-52/+51
| | | | | | | | Move script after the FBEGIN.INC include Add CDATA sections to SCRIPTS Add SUMMARY to TABLES Close INPUT tags Update HTML Boolean operators
* Check the right field hereRenato Botelho2014-04-291-1/+1
|
* Move the IPsec settings from System > Advanced, Misc tab to "Advanced ↵jim-p2014-04-251-0/+1
| | | | Settings" tab under VPN > IPsec.
* replaced uppercase html tags with lowercaseayvis2014-03-191-1/+1
| | | | js files saved as UTF-8 / LF language="JavaScript" deprecated, replaced with type="text/javascript"
* xhtml Complianceayvis2014-03-141-8/+8
| | | replaced <br>, <br/> and </br> with <br />
* Improve checks for params 'id', 'dup' and other similar ones to make sure ↵Renato Botelho2014-03-121-5/+6
| | | | they are numeric integer, also, pass them through htmlspecialchars() before print
* First swing at converting from racoon to StrongSWAN.Ermal2014-02-061-1/+0
| | | | | | | | | | | | | | | | | | | | | | It allows to use existing configurations on xml to generate StrongSWAN configurations. So its only IKEv1 * Missing support for dynamic ips(hostnames) - resolver plugin of StrongSWAN needs to be configured in strongswan.conf * Authentication plugin with pfSense authentication framework - New plugin almost completed * More testing hence this being pushed now to have more broader look TODO * Integrate IKEv2 * Move dynamic IP allocation to an SQLite backend * Provide more options in authenticating as a client(initiator) * Restrict interfaces where StrongSWAN listens for incoming connections to only those configured FUTUTE * Move all configuration to SQLite backend * Integrate more authentication scenarios of IKEv2
* Remove call-time pass by reference for do_input_validation, helps ticket #2565Renato Botelho2013-09-121-1/+1
|
* touch up text, s/nat/NAT/Chris Buechler2013-09-031-4/+4
|
* Remove invallid option 'none' for IPSec Phase 2. Fixes #2816Renato Botelho2013-02-151-1/+0
|
* Properly generate all address data based on configuration selectedErmal2013-02-111-6/+6
|
* Make IPv4/IPv6 validation on IPSecRenato Botelho2013-01-241-0/+20
| | | | It should fix #2769
* Don't allow transport mode to be selected for mobile clients. Fixes #2713jim-p2012-12-071-0/+2
|
* Commit a revised version of ↵Ermal2012-11-191-1/+1
| | | | https://github.com/bsdperimeter/pfsense/pull/264.diff
* Standardize hypenation and capitalization of Pre-Shared Keyjim-p2012-10-261-1/+1
|
* Throw an error when invalid configuration is posted(address->network).Ermal2012-10-231-0/+2
|
* Check against _address since that is the field inputed _type is always there.Ermal2012-10-051-2/+2
|
* Properly set address type selectionErmal2012-10-051-2/+2
|
* Do not make natlocalid requiredErmal2012-10-051-16/+19
|
* This field isn't required, so only check it if there is a valuejim-p2012-10-051-1/+1
|
* Add a NAT entry for configuring NAT on ipsec phase2. It will add nat rules ↵Ermal2012-10-041-0/+99
| | | | on enc interface
* Activate new shortcuts/status in the rest of the areas that are currently setup.jim-p2012-08-101-2/+1
|
* Activate more Hash, DH, and PFS options that are available in racoon now. ↵jim-p2012-08-021-6/+0
| | | | Note that SHA256-512 are RFC4868 compliant in FreeBSD, may break with other incompatible stacks.
* Ticket #2455: do not check encryption algo for AH protocolPierre POMES2012-05-261-12/+17
|
* restore default dropdown values of 24/64 bitsDarren Embry2012-04-051-0/+38
| | | | | now that feature #2320 behavor is a bit different regarding change of existing set value when switching between ipv4 and ipv6
* add feature #2320 to vpn_ipsec_phase2.php.Darren Embry2012-04-051-32/+7
| | | | | | | note: had to disable existing behavior that modified the value of the behavior. existing behavior that disables/enables the dropdowns is still active.
* Reject an interface without a subnet as a network source in the IPsec Phase ↵jim-p2012-02-141-0/+10
| | | | 2 GUI. Fixes ticket #2201
* Merge remote branch 'upstream/master'jim-p2011-06-031-49/+38
|\ | | | | | | | | Conflicts: etc/inc/openvpn.inc
| * Bug #1560.IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-06-021-7/+21
| | | | | | | | given phase 1 (fixing p2 edit)
| * Bug #1560.IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-06-011-49/+24
| | | | | | | | given phase 1 (improvement of previous patch)
* | Merge remote branch 'upstream/master'jim-p2011-06-011-2/+68
|\ \ | |/ | | | | | | | | | | | | | | | | Conflicts: conf.default/config.xml etc/inc/filter.inc etc/inc/globals.inc etc/inc/pfsense-utils.inc etc/inc/upgrade_config.inc usr/local/www/interfaces.php
| * Bug #1560. IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-05-311-2/+41
| | | | | | | | given phase 1(site-to-site).
| * Bug #1560. IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-05-311-1/+28
| | | | | | | | given phase 1(mobile clients).
* | enlarge various address fields for IPv6 addressesSeth Mos2011-03-171-3/+3
| |
* | Add the ability to differentiate between v4 and v6 tunnels. Bill says he can ↵Seth Mos2011-03-111-9/+21
|/ | | | test
* Make sure to resolve the gateway name before passing it off to the IPsec ↵smos2011-02-241-1/+2
| | | | reload function
* Add other interfaces to local network selection and show proper names. Fixes ↵Erik Fonnesbeck2010-11-221-1/+6
| | | | #965
* Fix XSS issuesScott Ullrich2010-11-121-10/+10
|
* Do not include 'remoteid' javascript functions for mobile ipsec. Ticket #797pierrepomes2010-10-171-9/+7
|
* Corrections gettext() calls on vpn_ipsec_phase2.phpRafael Lucas2010-07-301-1/+1
|
* Implement gettext() calls on vpn_ipsec_phase2.phpCarlos Eduardo Ramos2010-07-271-52/+52
|
* Remove Logs tab from OpenVPN, as it is no longer needed.jim-p2010-06-011-1/+0
|
* Add status/log icons to IPsec pages.jim-p2010-06-011-0/+3
|
OpenPOWER on IntegriCloud